Setting the correct rights of Workflow Instance when created through OpenIAP API

I have managed to create new tasks (workflow instances) using the C# openiap package.
I use the InsertOne call to add it to the “workflow_instances” collection.

It is added such that the the user that is logged in through the api and is making the InsertOne call and the admins role have rights to it. Which makes sense. That could be the correct rights. But I want the role that I set as “targetid” to be able to see it too. Unfortunately I dont know how to set the rights correctly before doing the InsertOne call or correcting it with UpdateOne after.

Hope you can help me out on this @Allan_Zimmermann :slight_smile:

you need to add the role to the _acl list
the most important thing is _id and rights

    {
      "rights": 65535, <-- full control
      "_id": "5a1702fa245d9013697656fa", <-- user or role id
      "name": "vurderingsstyrelsen" <-- can be anything, but will normally be the name of the role/user
    }

That worked out. Thanks! :slight_smile: